markdown-stack
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to process untrusted markdown data, creating an injection surface. * Ingestion points: Markdown source content and repository identifiers in directives. * Boundary markers: Uses standard markdown delimiters and directive syntax. * Capability inventory: Renders HTML, transforms ASTs, and fetches public repository data via API. * Sanitization: No specific sanitization or validation logic is detailed in the provided documentation.
- [External Downloads] (LOW): The skill documentation lists multiple external Node.js dependencies required for the markdown pipeline. While these are standard community tools, they constitute an external dependency footprint.
Audit Metadata